Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

Re^3: Executing a string as a Perl command

by ww (Bishop)
on May 10, 2011 at 12:29 UTC ( #903971=note: print w/ replies, xml ) Need Help??


in reply to Re^2: Executing a string as a Perl command
in thread Executing a string as a Perl command

  1. ...and your point (aside from the fact that your code prints "5") is...?
  2. ... and this is better than

    my $var1 = 5; print $var1;

    how?


Comment on Re^3: Executing a string as a Perl command
Download Code
Re^4: Executing a string as a Perl command
by ctilmes (Priest) on May 16, 2011 at 10:48 UTC
    This short illustrative example has $cmd set inline, but in a real program, it could be constructed from other variables, it could be read from a user, it could be read from a file, etc.

    The question was simply how to get it to execute once it was set. The answer is eval.

      eval is the wrong answer since it can run arbitrary code

      If the user gives you some form of # rm -rf * ~ / , a lot of your files get deleted

        The OP said nothing about a user supplying the string. We pointed out that there are security concerns if you don't trust the string.

        If you want to run arbitrary code supplied by a 100% trusted source at runtime, what would you use other than eval?

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://903971]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others exploiting the Monastery: (10)
As of 2014-10-24 12:43 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    For retirement, I am banking on:










    Results (131 votes), past polls